Advantages and disadvantages of backing up tape Encryption

Undoubtedly, the security of current information is becoming more and more important. Therefore, the system administrator tries to encrypt the data as much as possible. Even so, the "Data Encryption" plan is not the best practice, especially when backing up data.

Before discussing the advantages and disadvantages of encrypting backup data, I need to point out that there are many different forms of encryption for backup data. The term backup encryption can refer to a large number of other encryption types, such as disk storage encryption, backup tape encryption, and network transmission encryption. This article focuses on backing up tape encryption.

Advantages of backing up tape Encryption

We agree that the main point of view on Backup Tape encryption is that encryption helps prevent data leakage. In the best practice scenario, backup tapes (or one copy of each Backup Tape) are generally transmitted remotely. In most cases, this means you need to physically migrate the backup tape from your data center to a secure remote backup point through the transmission service. This leads to data not under your direct control. The only way to protect data is to encrypt it.

Protection of sensitive data is not peeked, which requires encryption of backup data. In addition, the US Federal Act also provides relevant provisions. For example, HIPAA requires the company to protect sensitive data from being exposed. Likewise, unencrypted backup tapes can be seen as directly violating these requirements, even if the backup tapes have not been delivered to a third party.

Disadvantages of backing up tape Encryption

Encryption is used to prevent attackers from accessing your data. In some cases, encryption prevents you from accessing your data. This situation may occur especially when the Backup Tape is encrypted.

Let's consider how the LTO tape drive is encrypted. LTO-4 to LTO-6 LTO supports 256-bit AES encryption on the hardware layer. Each vendor has its own implementation method, but generally, the encryption process first passes a symmetric key to the tape drive at the beginning of the backup operation, this key is used to encrypt the data when the data is written to the tape.

To ensure data security, encryption keys must not be written into tapes. Unless absolutely necessary, tape drive providers generally do not store encryption keys on tape drives for too long. Otherwise, dissatisfied employees can simply obtain the encrypted backup tape by getting the data written to the tape drive.

Although this method has been used for a long time to protect encrypted data against data leaks, there are problems in the face of large disasters. If the backup server of an organization is damaged, the corresponding encryption key may also be damaged, which means that data cannot be decrypted. If the encrypted data does not have an encryption key, it is like corrupted data. If you do not have an encryption key, your backup is useless.

This does not mean that there is no way to protect the security of the encryption key. There are a large number of best practices for encryption key management. In fact, it only adds a layer of backup and recovery for key management. If the master node suffers a disaster and strikes, obtaining the key and adding it to the new backup server will increase the time for recovery.

It is not enough to have a suitable key management system. The system administrator needs to prepare a comprehensive solution to protect the key management system. Generally, the system needs to be backed up and stored separately to ensure that keys can be easily obtained even in the event of a large-scale disaster.

Shouldn't backup data be encrypted?

In fact, in some cases, encryption is required because of regulatory requirements or the sensitivity of backup data. In other cases, whether or not to encrypt the backup data is a trade-off between the risk of data loss related to security and encryption. If you decide to encrypt the backup data, you must store the copy of the encryption key in the backup storage to ensure that the key can be retrieved after it is lost.